package com.keshi.openplatform.eureka.conf;


import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 * 我们的eureka的配置，防止无法注册服务
 */
@EnableWebSecurity
public class EurekaConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable()//禁用掉csrf防攻击，防止我们的服务无法注册
                .authorizeRequests()//需要认证所有的请求
                .mvcMatchers("/eureka/**").permitAll()//注册地址放行
                .mvcMatchers("/actuator/**").permitAll()//actuator地址放行
                .anyRequest().authenticated().and().httpBasic();//其他所有请求都需要认证
    }
}
